sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity
7,372 Commits 4 Branches 117 Tags 97 MiB
2c968f9a35
Commit Graph

697 Commits

Author SHA1 Message Date
Miroslav Stampar
9ead80d707 Minor patch for Issue #585 2013-12-17 09:39:43 +01:00
Miroslav Stampar
663b1e711b Bug fix 2013-12-01 21:22:29 +01:00
Miroslav Stampar
07bd22fa80 Minor fix 2013-12-01 21:03:30 +01:00
Bernardo Damele
378ce46061 NVARCHAR is not supported on Sybase Adaptive Server 2013-10-18 12:23:50 +01:00
Miroslav Stampar
4c39235c2f Minor revert (5->3) 2013-10-11 00:39:44 +02:00
Miroslav Stampar
6305c1e703 Making a comma-less RLIKE payload 2013-10-11 00:39:11 +02:00
Miroslav Stampar
dbaa35f9fe Minor fix 2013-10-10 23:53:43 +02:00
Miroslav Stampar
2dc570d7a8 Minor patch (for ORDER BY 'col' cases) 2013-10-10 23:08:20 +02:00
Miroslav Stampar
6f2c89bd7c Fix for an Issue #529 2013-09-25 10:22:23 +02:00
Miroslav Stampar
31684dbc89 Fix for an Issue #524 2013-09-13 16:16:46 +02:00
Miroslav Stampar
96ccdb7c83 Adding new regular expressions for error messages 2013-09-06 19:41:40 +02:00
Miroslav Stampar
a711c9ed36 Minor cleanup and initial work for #58 2013-08-09 14:13:48 +02:00
Miroslav Stampar
de31688c4f Update for an Issue #481 2013-07-29 18:25:27 +02:00
Miroslav Stampar
df5a6beb6e Queries for Issue #481 2013-07-27 11:11:11 +02:00
stamparm
dbb0d7f700 Important fix (Issue #489) - we had a bad presumption than only public schema could be used for enumeration (while all schemas inside a current db could be used) 2013-07-19 13:24:35 +02:00
stamparm
27bf37e741 Updating to higher levels for HSQLDB specific payloads (like for e.g. Firebird) 2013-07-04 15:41:08 +02:00
stamparm
f97b35dcc1 Patch for an Issue #475 2013-07-01 13:43:38 +02:00
Bernardo Damele
9a8bec760f added fingerprint for HSQLDB based on Tomcat stacktrace message 2013-07-01 12:17:52 +01:00
stamparm
925098686d Minor fix 2013-07-01 13:05:57 +02:00
stamparm
e3124b9176 Replacing tabs with spaces (Issue #475) 2013-07-01 12:56:34 +02:00
Bernardo Damele
2ca5df2802 minor fix 2013-07-01 11:31:28 +01:00
stamparm
b5e644694a Minor cleanup 2013-07-01 12:05:02 +02:00
Miroslav Stampar
aeb83ba651 Merge pull request #475 from Meatballs1/hsql_clean 
HSQL Payloads and Query Support
 2013-07-01 02:38:04 -07:00
Meatballs
604694c0e5 Cleanup queries.xml 2013-06-24 23:22:52 +01:00
Meatballs
55a37183d4 Cleanup payloads file 2013-06-24 15:04:52 +01:00
Meatballs
355d3f86be hsql payloads and queries xml 2013-06-24 14:34:54 +01:00
Miroslav Stampar
4336a8fa7c Fix for overnight (previously removed : from prefix/suffix was important for XMLType payload) 2013-06-24 14:18:42 +02:00
Miroslav Stampar
fca6772df6 Implementation for an Issue #468 2013-06-22 00:13:46 +02:00
stamparm
20b8186fcc Fix for an Issue #467 2013-06-19 10:41:58 +02:00
Miroslav Stampar
ad07add549 Fixing MySQL/stacked payloads (also removing stacked conditional-error version as it's syntatically incorrect) 2013-06-05 14:32:06 +02:00
stamparm
f456b5a28d Bug fix (this payload was also doable on MySQL - with CAST it's strictly being bound to Oracle only) 2013-05-29 17:41:42 +02:00
Miroslav Stampar
19b87074c6 Minor fix 2013-05-22 23:30:33 +04:00
Miroslav Stampar
d34286fe44 Temporary disabling 2013-05-12 13:45:32 +02:00
Miroslav Stampar
427d88b194 Minor overnight fix 2013-05-04 11:39:23 +02:00
stamparm
ff62b0d3ea Replacing a substring query for PgSQL with a non-comma version (there are no compatibility issues while skipping problems with possible comma filtering) 2013-04-25 10:14:03 +02:00
stamparm
9c264e6426 Revert back of SQLite3 time-based payload as of regression test failing 2013-04-10 11:10:19 +02:00
stamparm
acc650d3dc Minor fine tuning 2013-04-03 15:14:25 +02:00
stamparm
125168c515 Reverting back to 8002531b63 (that last 76dcbbda0f resulted in 'too big blob') 2013-04-03 14:38:13 +02:00
stamparm
76dcbbda0f Reverting last commit and making heavy query on SQLite heavier 2013-04-03 14:23:28 +02:00
stamparm
8002531b63 Heavy queries should not have --time-sec set to some small value in live tests as their responses are machine dependent (on fast machines --time-sec=2 will result in fast responses making sqlmap life harder) 2013-04-03 14:17:13 +02:00
stamparm
64ba88096f Adding a new test case (Issue #423) 2013-03-21 12:13:13 +01:00
Bernardo Damele
30cf933445 added one more test case 2013-03-05 18:21:45 +00:00
stamparm
46b9a602ba Minor style update (because of consistency with other payloads; also, Oracle is uppercase oriented) 2013-03-01 12:43:08 +01:00
Miroslav Stampar
f593e1d30f Reverting last commit as there is bunch of similar 2013-02-20 17:35:36 +01:00
stamparm
e2b7384921 Adding a new test case (--sql-query) 2013-02-20 14:10:39 +01:00
Miroslav Stampar
6c8e8e2a0f Minor fix 2013-02-18 15:23:55 +01:00
Miroslav Stampar
75a9404cb5 Bug fix (unenclosed 'SELECT * FROM user' returns result for a system function user <- previous results were illegal) 2013-02-18 14:15:48 +01:00
Bernardo Damele
5abca52924 added one more test case 2013-02-15 17:11:40 +00:00
Miroslav Stampar
b3b3899dab Fix for an Issue #273 (must for MsSQL 2000; works on MsSQL > 2000) 2013-02-14 10:08:29 +01:00
Miroslav Stampar
3483fd4347 MAX not supported by MSSQL < 2005 2013-02-13 18:33:28 +01:00
Bernardo Damele
1384b8794f add parsed error messages to console_output for better debugging of failed regression test cases 2013-02-12 13:48:11 +00:00
Bernardo Damele
70230f3513 minor fix 2013-02-12 09:28:15 +00:00
Bernardo Damele
c8d1020a13 re-enabled brute-force test cases 2013-02-07 14:19:58 +00:00
Miroslav Stampar
c0888e92c8 Minor update 2013-02-05 12:02:48 +01:00
Miroslav Stampar
7ba0da66b1 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-02-05 11:10:31 +01:00
Miroslav Stampar
9434cc26d8 Minor fix 2013-02-05 11:10:21 +01:00
Bernardo Damele
9da6f8e08a more verbose parsing rule 2013-02-05 09:58:11 +00:00
Bernardo Damele
6a83eea587 added SQLite 3 test cases 2013-02-05 09:11:20 +00:00
Bernardo Damele
0f4f808be4 minor improvement 2013-02-04 23:26:17 +00:00
Bernardo Damele
5a8f94a1e1 temporary patch 2013-02-04 09:15:05 +00:00
Miroslav Stampar
231ea51fe6 Removing leftover 2013-02-01 17:10:40 +01:00
Miroslav Stampar
68e507ea9f Update for an SQLite3 time-based (heavy query) payloads (better timedelay) 2013-01-31 18:59:18 +01:00
Miroslav Stampar
410f6ad476 Fix for an Issue #380 2013-01-31 13:26:38 +01:00
Miroslav Stampar
6b6e36b2ec Continuation of work on fixing DISTINCT/--search issues (Oracle) 2013-01-30 18:08:34 +01:00
Miroslav Stampar
838e98192e Consistency update (we are not using DISTINCT in inband counterparts too) 2013-01-30 17:25:36 +01:00
Miroslav Stampar
112ff952d4 Continuation of cleaning up a mess in Oracle's world of DISTINCT (part of Issue #342 and #372) 2013-01-30 17:08:17 +01:00
Miroslav Stampar
fdea8ddea6 Starting to clean up a mess in Oracle's world of DISTINCT (part of Issue #342 and #372) 2013-01-30 16:55:09 +01:00
Miroslav Stampar
742c66fad2 Adding one more test (switch --hex) 2013-01-30 11:40:12 +01:00
Bernardo Damele
8519717f25 minor fixes to --live-test 2013-01-30 10:32:56 +00:00
Miroslav Stampar
f2512d06db Removing unneeded whitespace in inference queries 2013-01-29 16:13:49 +01:00
Bernardo Damele
2a9fe62c3f bind payload is preferred if filtering does not allow reverse connection 2013-01-26 15:51:47 +00:00
Miroslav Stampar
f9b44d6ff7 Adding test cases for using custom injection marks 2013-01-25 16:07:27 +01:00
Bernardo Damele
aed833c1d2 fixed test case 2013-01-24 14:59:55 +00:00
Bernardo Damele
7d01eb79b4 minor fix 2013-01-24 00:55:45 +00:00
Bernardo Damele
3c0c7f776f minor fix 2013-01-23 16:57:51 +00:00
Bernardo Damele
f1534a178a regexp fixes 2013-01-23 16:22:01 +00:00
Bernardo Damele
9ceb4839ac added test cases for --common-tables across all DBMSes and supported techniques 2013-01-23 15:54:58 +00:00
Miroslav Stampar
c83f468a37 Trivial changes 2013-01-23 15:34:20 +01:00
Miroslav Stampar
35d76f3da5 Adding missing stuff related to the last commit 2013-01-23 14:48:31 +01:00
Miroslav Stampar
9825e247db Refactoring search module 2013-01-23 14:22:35 +01:00
Bernardo Damele
599ad74a32 typo fix 2013-01-23 13:05:10 +00:00
Bernardo Damele
7ee07d031a added PostgreSQL stacked queries test case 2013-01-23 12:15:20 +00:00
Bernardo Damele
314ed22fc3 added preventive cleanup test case 2013-01-23 12:12:30 +00:00
Bernardo Damele
f3ff239e62 minor fix 2013-01-23 00:21:11 +00:00
Bernardo Damele
aafc5b5623 added one just in case test case to check if all params are tested as they should be 2013-01-23 00:18:54 +00:00
Bernardo Damele
91c00939f7 added one more test case 2013-01-22 18:28:59 +00:00
Miroslav Stampar
d6a361f859 Proper implementation for --technique=Q --dbms=Firebird 2013-01-22 16:31:26 +01:00
Miroslav Stampar
5ea45af1c4 Warming up for Issue #366 and #367 2013-01-22 14:14:20 +01:00
Bernardo Damele
4f081a6a9b typo fixes 2013-01-22 13:00:15 +00:00
Bernardo Damele
afa9046e74 added Firebird custom enumeration test cases and stricten a few cases to make sure query length calculation function works properly with multi-threading/boolean technique 2013-01-22 12:34:11 +00:00
Bernardo Damele
29a65b5cdc added Firebird search test cases 2013-01-22 11:23:48 +00:00
Miroslav Stampar
b8318efecc Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-22 11:29:15 +01:00
Bernardo Damele
11413a0f03 added Firebird search test cases 2013-01-22 10:04:17 +00:00
Bernardo Damele
e23340f002 added support for search for tables on Firebird (issue #365) 2013-01-22 09:53:05 +00:00
Bernardo Damele
d2ff9bccbb minor adjustment 2013-01-21 21:00:03 +00:00
Bernardo Damele
bc5a7e49e9 done with DB2 test cases (issue #312) 2013-01-21 20:53:11 +00:00
Bernardo Damele
3cfa6cd191 minor adjustments 2013-01-21 16:41:47 +00:00
Bernardo Damele
d5de5306d6 minor fixes following recent enhancements 2013-01-21 16:38:31 +00:00
Miroslav Stampar
472f5e35c2 Removing that space char 2013-01-21 17:35:23 +01:00
Miroslav Stampar
5d318b4980 Fix for a ISNULL mechanism in Firebird 2013-01-21 17:33:09 +01:00
Miroslav Stampar
99bc4a9005 Generic approach for dealing with that nasty Firebird habit of appending spaces to (tec=EU) varchar casted values 2013-01-21 17:17:20 +01:00
Miroslav Stampar
832d95984c IFNULL-like mechanism now works on SQLite 2 too 2013-01-21 15:04:27 +01:00
Miroslav Stampar
aebf2c1350 Slightly better payload for Firebird delay-based SQLi (adding sligtly more delay) 2013-01-20 23:10:58 +01:00
Bernardo Damele
845ec006d7 fixed again 2013-01-20 01:33:22 +00:00
Bernardo Damele
115be9d7b5 minor fixes 2013-01-20 01:26:46 +00:00
Bernardo Damele
a24eaffacc fixed --columns on DB2, inline with Oracle and other DBMSes now 2013-01-19 16:14:25 +00:00
Bernardo Damele
b05c6cbd13 leftover 2013-01-19 00:29:42 +00:00
Bernardo Damele
30273e03fe leftover 2013-01-19 00:28:48 +00:00
Bernardo Damele
0e78fbef56 correctly format SQLi payload for inline query technique 2013-01-19 00:28:03 +00:00
Bernardo Damele
89ddd54a75 added Firebird inline query payload, requires some work though engine-side for the vector to be usable 2013-01-19 00:05:15 +00:00
Bernardo Damele
10d86d042c enough.. 2013-01-18 23:46:26 +00:00
Bernardo Damele
e76213ef5d more fixes 2013-01-18 23:37:13 +00:00
Bernardo Damele
6be7eee8d6 more fixes 2013-01-18 23:35:16 +00:00
Bernardo Damele
56eaa073ce fixed test cases for Firebird - #312 2013-01-18 23:32:39 +00:00
Bernardo Damele
edeb181c4f added first bunch of test cases for Firebird, issue #312 2013-01-18 23:17:43 +00:00
Bernardo Damele
b176cdb578 layout adjustment 2013-01-18 22:10:52 +00:00
Bernardo Damele
2471f325b2 minor adjustments 2013-01-18 21:47:25 +00:00
Bernardo Damele
1ad9e26a21 bug fix for ORDER BY users provided statements (issue #354) 2013-01-18 21:40:50 +00:00
Bernardo Damele
ebd1d3095b done with test cases for Oracle - issue #312 2013-01-18 21:40:11 +00:00
Bernardo Damele
d594978857 typo fix again 2013-01-18 20:48:37 +00:00
Bernardo Damele
bab9485561 typo fix 2013-01-18 20:48:08 +00:00
Bernardo Damele
2550bbc05e fix for #353 2013-01-18 20:40:38 +00:00
Bernardo Damele
2463e51e73 added one more test case for DB2 and a few search-related cases for Oracle (issue #312) 2013-01-18 20:37:20 +00:00
Bernardo Damele
d66f7e22b1 more fixes to test cases 2013-01-18 09:32:05 +00:00
Bernardo Damele
e4ee4f9557 fixed some test cases 2013-01-17 23:17:33 +00:00
Bernardo Damele
ce263b794f on DB2 there are no users password hashes to dump 2013-01-17 22:17:55 +00:00
Bernardo Damele
d2d3878de1 typo fix 2013-01-17 21:58:53 +00:00
Bernardo Damele
acac8c359b fixed --current-db query for IBM DB2 2013-01-17 20:47:35 +00:00
Bernardo Damele
74286e339f test if boolean also works correctly for --os-cmd 2013-01-16 15:36:35 +00:00
Bernardo Damele
6f08d10d07 leftover 2013-01-16 15:16:18 +00:00
Bernardo Damele
1c8bd95e68 more work on Oracle test cases (#312) 2013-01-16 15:13:47 +00:00
Bernardo Damele
6b0ed1c581 fixed parsing reg exps to work with Oracle XE (#312) 2013-01-16 15:00:45 +00:00
Bernardo Damele
a3493769ca minor fix 2013-01-16 00:45:18 +00:00
Bernardo Damele
983593510c ported Oracle checks to express edition 2013-01-15 23:59:29 +00:00
Miroslav Stampar
7a1d484115 Implementation for an Issue #340 2013-01-15 16:05:33 +01:00
Bernardo Damele
3f84cefc77 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-15 14:59:22 +00:00
Bernardo Damele
1cafe605af added more Oracle test cases 2013-01-15 14:59:15 +00:00
Miroslav Stampar
02f0e72cc6 Minor update of other/corner case titles 2013-01-15 11:10:03 +01:00
Miroslav Stampar
498a576e39 Removing obsolete data 2013-01-15 10:59:46 +01:00
Bernardo Damele
3fa720e699 added first Oracle test cases 2013-01-14 17:30:42 +00:00
Bernardo Damele
8a2b994b94 added SQLite test cases (issue #312) 2013-01-14 16:50:24 +00:00
Bernardo Damele
e555c2be30 added support for --search -T for SQLite 2013-01-14 16:26:11 +00:00
Bernardo Damele
48e0154fc3 added SQLite inline queries payload 2013-01-14 15:30:01 +00:00
Bernardo Damele
3e2c3851f3 Make --live-test Metasploit integration cases work, added more test cases for PostgreSQL and code refactoring (issue #312) 2013-01-14 13:42:50 +00:00
Bernardo Damele
bd89ade02f minor bug fix for PostgreSQL --file-read 2013-01-14 12:22:00 +00:00
Bernardo Damele
c6d4b89869 minor bug fix for PostgreSQL (issue #338) 2013-01-14 11:41:30 +00:00
Bernardo Damele
b35b8a4835 fixed regexps for --live-test (issue #312) 2013-01-14 10:24:11 +00:00
Bernardo Damele
4acb281414 added first test cases for PostgreSQL 2013-01-14 01:11:57 +00:00
Bernardo Damele
b74cfbf336 minor enhancements for debug purposes (issue #312) 2013-01-13 23:15:56 +00:00
Miroslav Stampar
bc4d8d3e02 Implementation for an Issue #332 2013-01-11 11:17:41 +01:00